package com.smallcr.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.stereotype.Component;

import com.smallcr.doc.SessionKeys;


@Component
public class AuthorizationInterceptor extends UserAccessInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {

        if (checkMethodAnnotation(handler)) {
            return true;
        }
        // 从header中得到token
        String appCode = request.getHeader(SessionKeys.APP_CODE.toString());
        String token = request.getHeader(SessionKeys.TOKEN.toString());
        
        //通过appCode 和 token 查询数据库 获得userId
        String userId="123456";
        // 如果token验证成功，将token对应的用户id存在request中，便于之后注入
        if (userId != null) {
            request.setAttribute(SessionKeys.UID.toString(), userId);
            return true;
        } else {
            return printErrorInfo("Token is invalid or expired");
        }
    }


}
